Microsoft Security Intelligence Report – the State of Affairs

Microsoft recently released their semi-annual report on security. Called ‘Microsoft Security Intelligence Report’, the paper covers security threats and malware prevalence for the first half of 2013 seen from the perspective of the manufacturer of the most used operating systems in the world today.

When the first issue of this report came out in 2006, it contained 48 pages about computer malware and potentially unwanted software (PUA). The last report, volume 15, has grown to 160 pages and draws a much more detailed picture of the threat landscape. The report now goes into much more detail on each category of threat, and also offers a section on risk mitigation. For those especially interested in the spread of malware, the report also presents comprehensive prevalence statistics for the different malware categories by country.

What can we learn from this?

What can we learn from the data in this report? One of the things that one notices when comparing the first report with the current one is that the threat picture has become more complex. Malware spreads by exploiting numerous known and unknown weaknesses in everything from the network infrastructure to flaws in common application environments. Systems can be infected just by visiting malevolent or compromised web sites, or by a user executing an email attachment that he or she believes is legitimate. Additionally, the classification of software as ‘malware’ is not so simple anymore – some software can offer a desired service while aggressively serving advertising or harvesting personal data at the same time. The classification ‘potentially unwanted software’ covers this type of malware.

How can you protect yourself?

The threat landscape is complex and can be quite overwhelming for a computer user to relate to. Luckily, the report points out a few things that users can do to protect their systems. Most of these have been raised regularly by the security industry, but they cannot be repeated too often:

Be critical of all data from unknown sources, be it software, web sites, emails, or a thumb drive.

Keep your computer environment up to date. This goes for all software that comes in contact with external data. Browsers and browser extensions are especially important.

Employ additional security measures. Run updated antivirus software, use a firewall, and see what security features are available in your broadband router.

Get used to using strong passwords. Use different passwords on different systems and sites.

Keep your operating system updated

This point is given some extra emphasis by Microsoft. As it turns out, a considerable fraction of the user community is still using Windows XP. XP SP2 has been discontinued and SP3 will also gradually lose support. To be safe from malware threats, it is very important to plan for an upgrade to a modern version of Windows as soon as possible. The numbers are clear – XP users are overrepresented in the infection statistics.

I would recommend the ‘Microsoft Security Intelligence Report’ as a highly relevant read for anyone with an interest in computer security.